It is often advantageous to think like an attacker in order to find weaknesses in systems, but that doesn’t mean we should give up on following sound engineering and maintenance practices when designing, operating and maintaining cyber systems. Learn how companies are starting to apply principles adopted from safety analysis, as well as emerging concepts such as “cyber informed” or “consequence driven” engineering.
- Identify devices and components that facilitate risk, determine critical functions and high-consequence events then prioritise what cannot fail based on the consequences
- Think like an attacker to illuminate specific, detailed attack paths, access, information and action to have an effect and highlight system vulnerabilities in networks and the supply chain
- Engineer out the prioritised cyber-risk with controls, tripwires, mitigations and backstops to interrupt high-consequence risk
- The importance of collective resilience, collaboration and information sharing to combat high-consequence risk across the supply chain
- It is often advantageous to think like an attacker in order to find weaknesses in systems, but that doesn’t mean we should give up on following sound engineering and maintenance practices when designing, operating and maintaining cyber systems. Learn how companies are starting to apply principles adopted from safety analysis, as well as emerging concepts such as “cyber informed” or “consequence driven” engineering.
- Identify devices and components that facilitate risk, determine critical functions and high-consequence events then prioritise what cannot fail based on the consequences
- Think like an attacker to illuminate specific, detailed attack paths, access, information and action to have an effect and highlight system vulnerabilities in networks and the supply chain
- Engineer out the prioritised cyber-risk with controls, tripwires, mitigations and backstops to interrupt high-consequence risk
